1. Field of the Invention
The present invention is related to cellular mobile station activation and, more particularly to a method for authenticating a service provider during over the air activation.
2. Background
Over the air activation (xe2x80x9cOTAAxe2x80x9d) was proposed in IS-136 Revision A (Telecommunications Industry Association), June 1996 and the Addendums thereto, which are incorporated by reference herein. OTAA enables a cellular service provider to activate a potential subscriber""s cellular mobile station over the air. The service provider downloads certain parameters, such as the telephone number, to the unit over the air. This service is extremely convenient for consumers who are no longer required to bring the unit into a dealer or service agent for activation. Moreover, OTAA allows service providers to market cellular telephone units through non-traditional mass-market retailers, who do not have the personnel to program subscriber telephone units.
Due to the push to implement OTAA early, certain implementation aspects were not included in IS-136 Revision A. For instance, the OTAA proposal failed to include adequate provisions for network authenticationxe2x80x94a method for preventing fraudulent access to the cellular telephone system by validating cellular users. Network authentication ensures that the correct service provider is the only entity that can program the cellular telephone unit. The initial OTAA disclosure does not incorporate current non-over-the-air methods for network authentication, such as A-key authentication.
A-key authentication is a North American network authentication process. During setup, each cellular telephone is issued a number called an A-key. The A-key is issued much as Swiss banks issue a secret account number to identify secretive clients. This A-key value is never disclosed to others. The subscriber enters it into the cellular telephone via the keypad. The telephone uses the A-key to calculate and store a shared secret data (xe2x80x9cSSDxe2x80x9d) key. The network also performs the same calculations to create and store the SSD. During each call, the SSD key creates an authentication response code, and during access, the phone transmits only the authentication response code. The authentication response changes during each call because the system sends a random number which is also used to create the authentication response code value. A criminal who intercepts an authentication transaction over the air has no clue regarding the correct value of the SSD key, and cannot repeat the response given in one authentication transaction to try to fool the system in another authentication transaction.
The initial OTAA proposal does, however, provide for the use of a xe2x80x9csubsidy lock.xe2x80x9dA subsidy lock is a method for securing the preprogramming of a service provider-subsidized cellular telephone unit. Service providers often condition the use of a subsidized cellular telephone unit by conditioning the use of the unit on its being xe2x80x9cunlockedxe2x80x9d only for that service. Several methods for locking and unlocking handsets are described in U.S. patent application Ser. No. 08/570,921, filed Dec. 12, 1995 for xe2x80x9cMethods and Apparatus For Locking Communications Devicesxe2x80x9d to John Patrick Parker and assigned to BellSouth Corporation, which is hereby incorporated by reference herein. Unfortunately, the subsidy lock proposed in IS-136 Revision A fails to take advantage of A-key information.
An improved mechanism for OTAA should include support for network authentication. Preferably, network authentication in OTAA involves the use of A-key programmed information. Furthermore, the network authentication should provide a method for securing the programming of a service provider-subsidized cellular telephone unit.
The present invention overcomes the problems of the prior art by providing a method for authenticating service providers during over the air activation of a mobile station. The present invention utilizes an A-key pre-programmed into the mobile station. The A-key is also provided to the service provider. The service provider performs an algorithm using the provided A-key and transmits the results along with the algorithm input parameters to the mobile station. The mobile station, during over the air activation, performs the same algorithms using the provided parameters and the programmed A-key. If the results are the same, then the mobile station has authenticated the service provider.
In a preferred embodiment of the present invention, a method for authenticating a cellular service provider during over the air activation of a mobile station includes the steps of: (1) programming an A-key value into the mobile station; (2) providing the A-key value to the service provider; (3) generating a first authentication value at the service provider using the provided A-key value; (4) transmitting the first authentication value to the mobile station; (5) generating a second authentication value at the mobile station using the programmed A-key value; and (6) comparing the first and second authentication values.
The first authentication value is generated by performing two algorithms. First, the service provider generates two random numbers. The service provider performs a first CAVE algorithm using the first random number and the provided A-key value. The first CAVE algorithm produces a first shared secret data value. The service provider then performs a second CAVE algorithm using the first shared secret data value and the second random number. The second CAVE algorithm produces a first authentication value. The service provider then transmits the first and second random numbers and the authentication value to the mobile station. The mobile station performs a third CAVE algorithm using the first random number and the programmed A-key value. The third CAVE algorithm produces a second shared secret data value. The mobile station performs a fourth CAVE algorithm using the second shared secret data value and the second random number. The fourth CAVE algorithm produces a second authentication value. The mobile station compares the first and second authentication values. If the numbers are identical, the service provider has been authenticated.
The present invention may be used as a subsidy lock. The A-key value is known only by the service provider. Thus, mobile phones made by the service provider may include the pre-programmed A-key value. The same authentication process may be used, therefore, to verify that the service provider is the manufacturer.
Objects and advantages of the invention will be set forth in part in the description which follows and in part will be obvious from the description or may be learned by practice of the invention. The objects and advantages of the invention will be realized and attained by means of the elements and combinations particularly pointed out in the appended claims.